Glad to see nothing has changed on AI -- anyone who doesn't tout the party line is "delusional" or "a troll." Really mature bunch of commenters, we have here. I don't think reasoning by analogy is helpful here, but to continue your comparison -- the issue isn't who has a better door. When police are reporting crime statistics, they report on break-ins, burglaries, etc, not on how many people lock their doors. The difference isn't just semantics, it matters. I doubt I could...

Again, could you please quote properly? Way to move the goal posts. No device sandbox protects against sending cleartext data. But that's not the same as "Having a "sandbox" doesn't mean there is any security involved." The Android and iOS sandboxes protect against on-device attacks. I haven't seen any evidence that the iOs sandbox will prevent third-party keyboards on iOS from sending data in cleartext. Do you know of any? You mean because I linked to primary sources...

Knox is based on SE Android, which is being rolled out now. Google, Samsung, and Cyanogenmod are taking their time to make sure they get the policies right, so they're running it in Permissive mode now. Once it's put into Enforcing mode, it should block most privilege escalation attacks. In the meantime, Bouncer + Verify Apps seems to be doing a pretty good job blocking malware.

I don't know if you can go that far with the data that we have. I'd love to see good, reliable data about which versions have what infections, etc. I'd also love to see how OEMs and carriers compare for patch responsiveness. There's far, far too much hype and fear-mongering when it comes to mobile security and precious little hard data.

I'm not sure those are relevant to Google's numbers. Yes, it would be good if bugs in the OS could be fixed faster, but given the way vendors customize the OS and the certification processes that carriers insist on, I don't think that'll happen (Nexus/GE and CM devices aside). But if Google's security scanner blocks a malicious app from being installed in the first place, it doesn't matter as much, does it? That's what we see with the master key bug. There are a great...

That's just demonstrably wrong. Google's Play Store uses Bouncer which scans all uploaded apps for malware. Google Play Services also checks apps on the devices when they're installed; it even checks side-loaded apps.

Oh, right, because no one who uses Android is capable of independent thought -- we're all just robotic slaves of the evil Google and Scamsung overlords, mindlessly parroting talking points. /s Every thread has to be turned into some hateful ragefest against Android. Android must constantly be painted in a negative light, as must everyone who uses it. We must have hundreds of comments bellowing forth the unmatched unequivocal superiority of Apple, iOS, and their users.

Sure, there are features in the core OS. But a lot of new functionality is being put into the upgradable user-space components. So my original point still stands - the OS version number is a lot less important that it used to be.